How to disassemble a 32-bit ELF stripped c-program using IDA pro?

Question

I want to know how to disassemble stripped ELF using IDA pro

I just stripped and made it as 32-bit ELF program for understanding..

#include <stdio.h>
 int my_password()
 {
   int pass,res,i,k;
   pass=5;
   for(i=0;i<=10;i++)
   {
     pass=pass+1;

   }
   return pass;
 }
 void main()
 {
   int ans,user;
   printf("Enter my password");
   scanf("%d",&user);
   ans=my_password();
   if(ans==user)
   {
     printf("You disassembled stripped C");
   }
   else
   {
     printf("You are not good enough!");

   }
 }

Command which I used to make it strip and as 32-bit:

 gcc -m32 test.c
 strip --strip-unneeded test

While I try to disassemble using IDA pro it is fully different when compared to unstripped.

Using IDA pro please tell me how to find that password..

Please consider I don't have the source code.Use only IDA PRO to help me.

score 2 · Answer 1 · answered Nov 24 '16 at 17:51

You can use "string reference" attack method. So, if you run your stripped crackme and try to enter something like a password you will get "You are not good enough!" message. So, you need open Strings window with Shift+F12:

then you need to jump to the "You are not good enough!" string (in big applications with many strings you should use search feature):

then jump to the code referenced to this string:

my_password here has no its original name, but it has same function. Analyzing it with sscanf format together we can figure out right value for the password.

How to disassemble a 32-bit ELF stripped c-program using IDA pro?

1 Answers1